TN-999: Reverse Engineering Malware Course

Course Overview:

This course is designed for professionals that are expected to do malware analysis. A skills focus enables the student to better absorb the subject matter and perform successfully on the job. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics Reverse Engineering Malware.

Attendees to TN-999: Reverse Engineering Malware will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

Toolkit and Lab Assembly
Malware Code and Behavioral Analysis Fundamentals
Malicious Static and Dynamic Code Analysis
Collecting/Probing System and Network Activities
Analysis of Malicious Document Files
Analyzing Protected Executables
Analyzing Web-Based Malware
DLL Construction and API Hooking
Common Windows Malware Characteristics in x86 Assembly
Unpacking Protected Malware
In-Depth Analysis of Malicious Browser Scripts, Flash Programs and Office
In-Depth Analysis of Malicious Executables
Windows x86 Assembly Code Concepts for Revers-Engineering Memory Forensics for Rootkit Analysis

Prerequisites:

Strong understanding of core systems and network concepts
Exposure to programming and assembly concepts
Comfortable with command line access

Comments

Latest comments from students

User: marcus.osullivan

Instructor comments: Good stuff. I like the beginning half where there was help from an additional instructor to facilitate fixing computer errors that inevitably popped up.

Facilities comments: The baby deer were neat! I like the resort.

Liked the class? Then let everyone know!

Observations of Instructor Led Training with Real Hardware

TechNow has heard many students talk about virtualized/remote training that TechNow Does Not Do. While training our most recent offering of PA-215: Palo Alto Networks Firewall Essentials FastTrack a student told his story of how he endend up in our course. His story we have heard for other technologies like Cisco, VMware, BlueCoat and other products.

A large percentage of training is moving to the virtualized/remote lab environments. Students are asked to use some variant of remote access software and remote into the training company's lab environment. Our student in our Palo Alto Networks Firewall course informed us that he went to a very costly offering of that course from the vendor and was not able to perform any labs. There were either network connectivity issues, or issues with the remote access software, or other problems. The whole training experience was very frustrating and not productive.

We keep our labs open to students if they would like after hours, or before hours access. Repeatedly going through a lab engrains that knowledge for later recall. Touching hardware is so critical in understanding the problems that arise when a cable comes loose, or a cable gets plugged in the wrong port. There are other scenarios such as just pulling the power cable, or turning off a power strip, or accidently overwriting a configuration. These disaster scenarious requires hands-on physical access to hardware. Preventing and recovering from disasters is what it's all about, and that requires hands-on, instructor led, real hardware.

EC-Council

TechNow,Inc is an Accredited Training Center. As an ATC we are authorized to conduct EC-Council curriculum courses. Students will receive official EC-Council Curriculum and access to iLabs and when applicable access to EC-Council Cyber Range.

Here are the EC-Council course offerings:

N-455: Securing Networks with ASA Fundamentals (SNAF)

Course Overview:

In this course, you will gain the knowledge and skills needed to configure, maintain, and operate Cisco ASA 5500 Series Adaptive Security Appliance.

Attendees to N-455: Securing Networks with ASA Fundamentals (SNAF) will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

Introducing Cisco Security Appliance Technology and Features
Cisco Adaptive Security Appliance and PIX Security Appliance Families
Getting Started with Cisco Security Appliances
Essential Security Appliance Configuration
Configuring Translations and Connection Limits
Using ACLS and Content Filtering
Configuring Object Grouping
Switching and Routing on Security Appliances
Configuring AAA for Cut-Through Proxy
Configuring the Cisco Modular Policy Framework
Configuring Advanced Protocol Handling
Configuring Threat Detection
Configuring Site-to-Site VPNS Using PreShared Keys
Configuring Security Appliance Remote Access VPNs
Configuring Cisco Security Appliance for SSL VPN
Configuring Transparent Firewalls Mode
Configuring Security Contexts
Configuring Failover
Managing Security Appliances

Prerequisites:

CCNA certification

Comments

Latest comments from students

Liked the class? Then let everyone know!

DoD 8570 Training in San Antonio, TX

DoD 8570 Training in San Antonio, TX.

TechNow has developed a proven training program that brings the skillset to the certification process. TechNow is a mobile testing center that can deliver D0D 8570 training and the certification in one week. Our intergrated DoD 8570 training in San Antonio, TX incorporates hands on skills with testing objectives that produces an incredibly high pass rate. To learn more about our DoD 8570 training program click here